Thank you. That is something I am not clear about. Suppose there is link( https://B....) provided on an web application hosted at A (tomcat server) that access service on B which through a response.redirect(https://B...) Once user clicks that link a encrypted channel is established between A and B. If B asks client certificate A will furnish it. I am not sure if this responsibility falls to web application or container ?
If it is container I do not see what configuration I need to do. Thank you. rn On Fri, Mar 19, 2010 at 9:33 AM, André Warnier <a...@ice-sa.com> wrote: > rangeli nepal wrote: > >> Thank you for your response. I would have definitely not written to this >> group, if my question would just related to SSL terminating on Apache. >> Here >> is my scenario: >> ___________ ____________ >> | | | >> | >> | A |____________________| B | >> |___________| |____________| >> >> >> Unfortunately, as you have probably noticed, that drawing does not come > out very well in this media. But thanks for trying. > > > A is a tomcat server and B is an Apache server bastion of all the web >> service inside. Apache needs client side Authentication. >> My question is what I need to do on A( tomcat) so that it can accepts >> certificate from B and B will accept certificate from A (tomcat). >> > > Which makes me think that this has nothing to do with Tomcat per se. > It looks like what you want is that some /application/ running inside > Tomcat would be able to connect to Apache via SSL, and exchange certificates > with it. > That would be a pure Java programming matter, and the fact that the > application itself happens to be running inside Tomcat is purely > circumstancial and changes nothing to the matter. > Or am I misunderstanding your schema ? > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >